# Prompt Injection Taxonomy ** NEW 1.5 version built into interactive Githug Pages ** [For the new live site click here](https://arcanum-sec.github.io/arc_pi_taxonomy) 🚧 **This repository is in active development. Contributions and feedback are welcome!** 🚧 This repository provides a structured taxonomy of **prompt injection attacks**, categorizing different types of attack intents, techniques, and evasions. It serves as a **resource for security researchers, AI developers, and red teamers** working to understand and mitigate the risks associated with prompt injection in AI-driven applications. ## Structure The taxonomy is organized into the following key areas: ### **Attack Intents** [`/attack_intents/`] - Describes the **goals and objectives** that attackers aim to achieve through prompt injection. ### **Attack Techniques** [`/attack_techniques/`] - Details various **methods and approaches** used to execute prompt injection attacks. ### **Attack Evasions** [`/attack_evasions/`] - Covers **methods used to hide, obfuscate, or avoid detection** of prompt injection attacks. ### **Additional Resources** - **LLM DevOps Infrastructure Security Assessment Table** [`/ecosystem/README.md`] - A structured assessment framework for evaluating the **security of AI-enabled infrastructures**. - **Example Probes for AI-Enabled Forms & Endpoints** [`/probes.md`] - A **curated list of example probes** to help identify AI-enabled web forms and endpoints in applications. ## Usage Each folder contains individual Markdown files with **detailed descriptions of specific components** within each category. The taxonomy is designed to be clear, structured, and easy to navigate. ## Who Is This For? **Security researchers** analyzing LLM vulnerabilities **Red teams** assessing AI-driven applications **Developers** securing AI-powered systems **Academics & enthusiasts** studying adversarial AI ## Contributing This project is actively evolving! Contributions, corrections, and additions are encouraged. Please follow the repository’s contribution guidelines to submit new findings or improvements. ## License & Attribution This methodology and repository content are licensed under a [Creative Commons Attribution 4.0 International License (CC BY 4.0)](https://creativecommons.org/licenses/by/4.0/). If you use, reference, or build upon this methodology, you **must** explicitly attribute the original work as follows: > *"This methodology/content is based on the [Arcanum Prompt Injection Taxonomy](https://github.com/Arcanum-Sec/arc_pi_taxonomy/) by Jason Haddix ([Arcanum Information Security](https://arcanum-sec.com/))."* Full license details are available in the [LICENSE.md](LICENSE.md) file.